---
title: Introduction to hacking - Footprinting
show-content: 1
layout: console
---

Footprinting is the act of gathering information about a computer system and the
companies it belongs to. Footprinting is the first step hackers take in their
hacking process. Footprinting is important because to hack a system, the hacker
must know everything there is to know about it. Below I will give you examples
of the steps and services a hacekr would use to get information from a website.

1. First, a hacker would start gathering information of the target's website.
Things a hacker would look for are e-mails and names. This information could
come in handy if the hacker was planning to attempt a social engineering attack
against the company.

2. Next, the hacker would get the IP address of the website, the command `host`
could be very handy for this, for example:

   ```bash
   $ host google.com

   google.com has address 172.217.30.206
   google.com has IPv6 address 2800:3f0:4005:401::200e
   google.com mail is handled by 40 alt3.aspmx.l.google.com.
   google.com mail is handled by 10 aspmx.l.google.com.
   google.com mail is handled by 20 alt1.aspmx.l.google.com.
   google.com mail is handled by 50 alt4.aspmx.l.google.com.
   google.com mail is handled by 30 alt2.aspmx.l.google.com.
   ```

3. Next, the hacker would ping the server to see if it is up and running. The
command `ping` or the website [PingAll](https://pingall.net/)

4. Next, the hacker would do a `whois` lookup:

   ```bash
   $ whois google.com
   ```

   It will return a HUGE amount of information about the company. You see the
company e-mails, addresses, names, when the domain was created, when the domain
expires, the domain nameservers and more!.

5. A hacker can also take advantage of search engines to search sites for data.
For example, a hacker could search a website through Google by issuing
"_site:the-target-site.com_" in the search bar, it will display every page that
Google has of the website. You could narrow down the number of results by adding
a specific word after. For example, the hacker could search
"_site:www.the-target-site.com email_". This search could list several emails
that are published on the website. Another search you could do in Google is
"_inurl:robots.txt_", it displays all the directories and pages on the website
that they wish to keep anonymous from the search engine spiders. Occasionally,
you might come across some valuable information that was meant to be kept
private in this file.

Now that the basics of footprinting have been explained, we will move on to port
scanning.

[Index](/blog/intro_hacking/index)
